> > we have needs for 16bit and 20bit, do you know of 16/20bit block
> > cipher?
> Since the high bit is used for a special purpose (toggled every time
> the generator is reseeded), don't we actually need 15- and 19-bit block
> ciphers to generate 16- and 20-bit identifiers?
if you flip the top bit, yes, (n - 1) bit cipher is needed.
if you don't flip the top bit and encrypt sequential counter, n bit
cipher is needed.
> I believe that you can build a block cipher of arbitrary size using
> a Feistel network and some other cipher. See recent posts to the
> cryptography@metzdowd.com list.
yup. it's a interesting thread.
itojun